[gnso-rap-dt] Information request to ICANN Compliance department

["Greg Aaron" <gaaron@xxxxxxxxxxxx>]

Dear David:

 

Greetings, and I hope you are well.  I am writing to you at the suggestion
of the GNSO's Registration Abuse Policy Working Group (RAPWG), for which I
serve as chair.  Our charter tasks us with investigating what registration
abuses might be curtailed or better addressed if new or more consistent
registration abuse policies were established, and how registration abuse
provisions are implemented in practice or deemed effective in addressing
registration abuse.  The RAPWG's charter is available at:
https://st.icann.org/reg-abuse-wg/index.cgi?registration_abuse_policies_work
ing_group 

 

To inform the RAPWG's work, I kindly ask that the ICANN Compliance staff
provide some information regarding WHOIS availability, and WHOIS accuracy
reporting and compliance.  Questions follow, and I look forward to
discussing a mutually convenient plan for the receipt of information.

 

Q1.  What are the ICANN compliance reports published in the last three years
that discuss WHOIS availability and accuracy reporting?  I am aware of the
following; are there any others?

* 2007 "ICANN's Whois Data Accuracy and Availability Program":
http://www.icann.org/en/whois/whois-data-accuracy-program-27apr07.pdf 

* October 2007 Contractual Compliance Semi-Annual Report:
http://www.icann.org/en/compliance/reports/contractual-compliance-audit-repo
rt-18oct07.pdf

* July 2008 Contractual Compliance Semi-Annual Report:
http://icann.org/en/compliance/reports/contractual-compliance-audit-report-2
9jul08-en.pdf

* February 2009 Contractual Compliance Semi-Annual Report:
http://icann.org/en/compliance/reports/contractual-compliance-report-27feb09
-en.pdf

 

I have been unable to find the September 2009 Semi-Annual Report.  Was one
published this autumn?

 

Q2.  ICANN has a system to monitor and enforce registrar compliance with
port 43 Whois service requirements; the 2007 report said it would  include
both automated WHOIS server testing and manual reviews of registrar WHOIS
output on a regular basis.  Can you provide any observations and data
related to this monitoring, and is it described in any already-published
documents?  Specifically, can you tell us how many registrars ICANN found
were not providing port 43 and/or Web WHOIS access?  Has ICANN encountered
notable downtimes or lapses of registrar port 43 availability, or any other
issues of note?

 

Q3.  ICANN operates the WDPRS (WHOIS Data Problem Reporting System, at
http://wdprs.internic.net/).  This system is ICANN's primary tool for
assessing registrar compliance with WHOIS inaccuracy investigation
requirements.

a:  In the last 12 months (or in a convenient recent reporting period), how
many inaccuracy reports did ICANN receive via WDPRS, and how many were
confirmed by their submittors?   

b:  Of those, how many unique domain names were subject to reports?

c:  What were the results/disposition of the cases?  

  - In how many cases was the WHOIS data updated by the registrars by the
deadline?

  - In how many cases did the registrars delete or suspend the domains by
the deadline?

  - How many cases were there in which the contact data was invalid and the
registrars failed to update, suspend, or delete the domains?

 

Q4:  In the last three years, how many notices of breach of the Registrar
Accreditation Agreement has ICANN sent to registrars for failure to adhere
to WHOIS-related obligations?  (Including failure to provide Web-based or
port 43 access, or related to WHOIS data inaccuracies.) 

 

Q5:  The "Observations" section of the February 2009 Contractual Compliance
Semi-Annual Report noted: "ICANN has limited contractual tools to handle
Whois data inaccuracy, and they are cumbersome (complaints can number in the
thousands per day per day and many are inaccurate).  ICANN will continue to
pursue accuracy through aggressive enforcement of available provisions.
Ultimately, new provisions must be considered to make this enforcement even
better, and more cost efficient."   What new or revised policies,
contractual provisions, or tools does the ICANN Compliance staff suggest be
considered?  

 

With best wishes,

--Greg Aaron

Chair, RAPWG